load("@fbcode_macros//build_defs:cpp_library.bzl", "cpp_library")

oncall("fbcode_entropy_wardens_folly")

cpp_library(
    name = "ssl",
    exported_deps = [
        ":client_hello_ext_stats",  # @manual
        ":server_ssl_context",  # @manual
        ":ssl_cache_options",  # @manual
        ":ssl_cache_provider",  # @manual
        ":ssl_context_config",  # @manual
        ":ssl_context_manager",  # @manual
        ":ssl_session_cache_manager",  # @manual
        ":ssl_stats",  # @manual
        ":tls_ticket_key_manager",  # @manual
        ":tls_ticket_key_seeds",  # @manual
    ],
)

# Main Rules

cpp_library(
    name = "client_hello_ext_stats",
    headers = ["ClientHelloExtStats.h"],
    exported_deps = [
        "//wangle/acceptor:util",
    ],
)

cpp_library(
    name = "ssl_cache_options",
    headers = ["SSLCacheOptions.h"],
)

cpp_library(
    name = "ssl_cache_provider",
    headers = ["SSLCacheProvider.h"],
    exported_deps = [
        "//folly/futures:core",
        "//folly/io/async:async_ssl_socket",
    ],
)

cpp_library(
    name = "ssl_context_config",
    headers = ["SSLContextConfig.h"],
    exported_deps = [
        "//folly:optional",
        "//folly/io/async:ssl_context",
        "//folly/io/async:ssl_options",
    ],
)

cpp_library(
    name = "password_in_file_factory",
    srcs = ["PasswordInFileFactory.cpp"],
    headers = ["PasswordInFileFactory.h"],
    exported_deps = [
        "//folly/io/async:password_in_file",
    ],
)

cpp_library(
    name = "ssl_context_manager",
    srcs = ["SSLContextManager.cpp"],
    headers = ["SSLContextManager.h"],
    deps = [
        ":client_hello_ext_stats",
        ":server_ssl_context",
        ":ssl_cache_options",
        ":ssl_util",
        ":tls_ticket_key_manager",
        "//folly:conv",
        "//folly:scope_guard",
        "//folly:string",
        "//folly/io/async:password_in_file",
        "//folly/portability:openssl",
        "//folly/ssl:openssl_cert_utils",
    ],
    exported_deps = [
        ":password_in_file_factory",
        ":sni_config",
        ":ssl_context_config",
        ":ssl_session_cache_manager",
        ":tls_ticket_key_seeds",
        "//folly:shared_mutex",
        "//folly/io/async:async_base",
        "//folly/io/async:ssl_context",
        "//wangle/acceptor:util",
    ],
    exported_external_deps = [
        "glog",
    ],
)

cpp_library(
    name = "ssl_session_cache_manager",
    srcs = ["SSLSessionCacheManager.cpp"],
    headers = ["SSLSessionCacheManager.h"],
    deps = [
        ":ssl_util",
        "//folly/fibers:core_manager",
        "//folly/portability:gflags",
        "//folly/portability:openssl",
    ],
    exported_deps = [
        ":ssl_cache_provider",
        ":ssl_stats",
        "//folly/container:evicting_cache_map",
        "//folly/hash:hash",
        "//folly/io/async:async_ssl_socket",
    ],
)

cpp_library(
    name = "ssl_stats",
    headers = ["SSLStats.h"],
)

cpp_library(
    name = "ssl_util",
    srcs = ["SSLUtil.cpp"],
    headers = ["SSLUtil.h"],
    deps = [
        "//folly:file_util",
        "//folly:format",
        "//folly:memory",
        "//folly/io/async:async_ssl_socket",
        "//folly/portability:openssl",
    ],
    exported_deps = [
        "//folly:string",
        "//folly/ssl:openssl_ptr_types",
        "//folly/ssl:password_collector",
    ],
)

cpp_library(
    name = "server_ssl_context",
    srcs = ["ServerSSLContext.cpp"],
    headers = ["ServerSSLContext.h"],
    deps = [
        ":ssl_cache_options",
        ":ssl_context_config",
        ":ssl_session_cache_manager",
    ],
    exported_deps = [
        "//folly/io/async:ssl_context",
    ],
)

cpp_library(
    name = "tls_cred_processor",
    srcs = ["TLSCredProcessor.cpp"],
    headers = ["TLSCredProcessor.h"],
    deps = [
        ":ssl_util",
        "//folly:file_util",
        "//folly:memory",
        "//folly/json:dynamic",
    ],
    exported_deps = [
        ":tls_ticket_key_seeds",
        "//folly:optional",
        "//folly:synchronized",
        "//folly/io/async:password_in_file",
        "//wangle/util:file_poller",
    ],
)

cpp_library(
    name = "tls_in_memory_ticket_processor",
    srcs = ["TLSInMemoryTicketProcessor.cpp"],
    headers = ["TLSInMemoryTicketProcessor.h"],
    deps = [
        ":ssl_util",
        "//folly:random",
    ],
    exported_deps = [
        ":tls_ticket_key_seeds",
        "//folly:synchronized",
        "//folly/executors:function_scheduler",
    ],
)

cpp_library(
    name = "tls_ticket_key_manager",
    srcs = ["TLSTicketKeyManager.cpp"],
    headers = ["TLSTicketKeyManager.h"],
    deps = [
        ":ssl_stats",
        ":ssl_util",
        ":tls_ticket_key_seeds",
        "//folly:glog",
        "//folly:random",
        "//folly:string",
        "//folly/portability:openssl",
    ],
    exported_deps = [
        "//folly/io/async:async_base",
        "//folly/io/async:ssl_context",
        "//folly/ssl:openssl_ticket_handler",
    ],
    external_deps = [
        ("openssl", None, "crypto"),
    ],
)

cpp_library(
    name = "tls_ticket_key_seeds",
    headers = ["TLSTicketKeySeeds.h"],
)

cpp_library(
    name = "sni_config",
    headers = ["SNIConfig.h"],
    exported_deps = [
        ":ssl_context_config",
    ],
)
